DLL Injection Vulnerability in Symantec Endpoint Protection Products
CVE-2020-5821
7.8HIGH
Key Information:
- Vendor
Symantec
- Status
- Vendor
- CVE Published:
- 11 February 2020
What is CVE-2020-5821?
Symantec Endpoint Protection and Symantec Endpoint Protection Small Business Edition are vulnerable to a DLL injection attack, which allows an attacker to execute unauthorized code within the context of the application. This can compromise system integrity by replacing legitimate processes with malicious code, leading to potential data breaches and unauthorized access to sensitive information. Users are advised to update their software to the latest versions to mitigate this risk.
Affected Version(s)
Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE) Prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively